package atom.core2.j2ee.filter;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;

import org.apache.log4j.Logger;

import atom.core0.exception.BizException;

/**
 * @类名称：XssSqlConfig
 * @类描述：注入规则配置
 * @修改人：zhanggy
 * @修改日期：2016-6-8
 *
 */
public class XssSqlConfig {
   /**
    * 排除检查参数
    */
   public static String EXCLUDED = "excluded";
   /**
    * SQL注入拦截
    */
   public static String SQLKEYWORD = "sql-keyword";
   /**
    * 跨站脚本攻击(XSS)拦截
    */
   public static String HTMLKEYWORD = "html-keyword";
   /**
    * 跨站脚本攻击(XSS)拦截
    */
   public static String HTML_PATTERN = "html-pattern";
   
   //错误jsp
   public static String ERROR_JSP = "errorjsp";
   public static String[] html_keywords;
   public static String[] html_patterns;
   public static String[] sql_keywords;
   private final static Logger	      log	       = Logger.getLogger(XssSqlConfig.class);

	//配置参数加载
	public static Map<String,String> configMap = new HashMap<String, String>();
	
	public static String errorjsp="";

    
	/**  
	 * 初始化配置文件
	 */
	public static void initConfig() throws BizException{
		try{
			log.info("加载拦截注入规则配置文件...........Start..........");
			Properties p = new Properties();
            String path = Thread.currentThread().getContextClassLoader().getResource("").getPath()+"conf/XssSqlRuleConfig.properties";
            log.info("======================拦截注入规则配置文件必须存在应用服务运行时的WEB-INF\\classes指定目录中======================");
            log.info("拦截注入规则配置文件路径"+path);
            InputStream inputStream = new FileInputStream(path);
            BufferedReader bf = new BufferedReader(new InputStreamReader(inputStream,"UTF-8"));   
			p.load(bf);
			inputStream.close();
			configMap.put(XssSqlConfig.EXCLUDED,p.getProperty(XssSqlConfig.EXCLUDED));
			configMap.put(XssSqlConfig.SQLKEYWORD,p.getProperty(XssSqlConfig.SQLKEYWORD));
			configMap.put(XssSqlConfig.HTMLKEYWORD,p.getProperty(XssSqlConfig.HTMLKEYWORD));
			configMap.put(XssSqlConfig.HTML_PATTERN,p.getProperty(XssSqlConfig.HTML_PATTERN));
			
			html_keywords = configMap.get(XssSqlConfig.HTMLKEYWORD).split("\\|");
			html_patterns = configMap.get(XssSqlConfig.HTML_PATTERN).split("\\|");
			sql_keywords = configMap.get(XssSqlConfig.SQLKEYWORD).split("\\|");
			errorjsp = p.getProperty(XssSqlConfig.ERROR_JSP);
    	    log.info("加载拦截注入规则配置文件..........End..........");
		}catch (Throwable e) {
			log.error("加载拦截注入规则配置文件失败",e);
			throw new BizException("加载拦截注入规则配置文件失败");
		}
	}
	
	
	public static Map<String, String> getConfigMap()
    {
    	return configMap;
    }


   
   
}
